Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/941768?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "unbound", "version": "1.9.6-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.10.1-1", "latest_non_vulnerable_version": "1.24.2-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81748?format=api", "vulnerability_id": "VCID-2d5q-y4tv-ukgb", "summary": "unbound: out-of-bounds write in sldns_bget_token_par", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25035.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25035" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780", "reference_id": "1954780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25035" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2d5q-y4tv-ukgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81753?format=api", "vulnerability_id": "VCID-a58b-qqsv-9fec", "summary": "unbound: infinite loop via a compressed name in dname_pkt_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25040.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25040.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77261", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77287", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25040" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799", "reference_id": "1954799", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25040" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a58b-qqsv-9fec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81746?format=api", "vulnerability_id": "VCID-am4a-hwtd-uybh", "summary": "unbound: integer overflow in the regional allocator via the ALIGN_UP macro", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25033.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25033.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55331", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55443", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55411", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55505", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55508", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55487", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55467", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55445", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55497", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55486", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25033" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954775", "reference_id": "1954775", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954775" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:24:46Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:24:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T20:24:46Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7622", "reference_id": "RHSA-2022:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0749", "reference_id": "RHSA-2024:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0749" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25033" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-am4a-hwtd-uybh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81754?format=api", "vulnerability_id": "VCID-dc9g-bdph-9qa3", "summary": "unbound: assertion failure via a compressed name in dname_pkt_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7731", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77344", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25041" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801", "reference_id": "1954801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25041" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dc9g-bdph-9qa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81749?format=api", "vulnerability_id": "VCID-dnkp-t2z3-gbcm", "summary": "unbound: assertion failure and denial of service in synth_cname", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.7726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77261", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01019", "scoring_system": "epss", "scoring_elements": "0.77287", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25036" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782", "reference_id": "1954782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25036" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnkp-t2z3-gbcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81756?format=api", "vulnerability_id": "VCID-f23u-dymp-63c9", "summary": "unbound: configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25031.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25031.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74183", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74216", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74221", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74236", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74238", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74269", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74279", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74271", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74305", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25031" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954809", "reference_id": "1954809", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954809" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25031" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f23u-dymp-63c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81745?format=api", "vulnerability_id": "VCID-fwbt-2wnn-p3cw", "summary": "unbound: integer overflow in the regional allocator via regional_alloc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25032.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25032.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72917", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72948", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72962", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.7298", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73024", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73017", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73056", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25032" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772", "reference_id": "1954772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25032" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwbt-2wnn-p3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81750?format=api", "vulnerability_id": "VCID-nrbr-ruhk-8khx", "summary": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25037.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25037.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77344", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7731", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25037" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794", "reference_id": "1954794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:58:32Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25037" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrbr-ruhk-8khx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81755?format=api", "vulnerability_id": "VCID-pb7a-j1ff-dbf7", "summary": "unbound: out-of-bounds write via a compressed name in rdata_copy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25042.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25042.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25042" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804", "reference_id": "1954804", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25042" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pb7a-j1ff-dbf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81797?format=api", "vulnerability_id": "VCID-pquu-mx3q-2bay", "summary": "unbound: command injection with data coming from a specially crafted IPSECKEY answer", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.713", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71429", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71391", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71398", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71341", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71355", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71377", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71362", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/" }, { "reference_url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt" }, { "reference_url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/11/19/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/11/19/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1776762", "reference_id": "1776762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1776762" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18934", "reference_id": "CVE-2019-18934", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1716", "reference_id": "RHSA-2020:1716", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-18934" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pquu-mx3q-2bay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81751?format=api", "vulnerability_id": "VCID-qtvr-wfa9-qke6", "summary": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25038.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25038.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25038" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796", "reference_id": "1954796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0007/", "reference_id": "ntap-20210507-0007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0007/" }, { "reference_url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/", "reference_id": "our-audit-of-unbound-dns-by-x41-d-sec-full-results", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:42:51Z/" } ], "url": "https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25038" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtvr-wfa9-qke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81752?format=api", "vulnerability_id": "VCID-twch-y9hk-ybew", "summary": "unbound: integer overflow in a size calculation in respip/respip.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797", "reference_id": "1954797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25039" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twch-y9hk-ybew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81747?format=api", "vulnerability_id": "VCID-u811-711b-87c4", "summary": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72934", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25034" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778", "reference_id": "1954778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1853", "reference_id": "RHSA-2021:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0632", "reference_id": "RHSA-2022:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "reference_url": "https://usn.ubuntu.com/4938-1/", "reference_id": "USN-4938-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4938-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941768?format=api", "purl": "pkg:deb/debian/unbound@1.9.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941758?format=api", "purl": "pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941756?format=api", "purl": "pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941760?format=api", "purl": "pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941759?format=api", "purl": "pkg:deb/debian/unbound@1.24.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.24.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-25034" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u811-711b-87c4" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.9.6-1%3Fdistro=trixie" }